How to Whitelist by Email Header in Google Workspace
If your organization uses Google Workspace, you can whitelist by email header. To whitelist by email header, you'll need to apply a Content Compliance rule to emails that contain KnowBe4's email header. This rule will allow our simulated phishing emails to be delivered to your user's inboxes.
To whitelist KnowBe4 by email header in Google Workspace, follow the steps below:
- Log in to your Google Admin account and click Apps.
- Click Google Workspace.
- In the Showing status for apps in all organizational units area, click Gmail.
- In the Gmail area, click Compliance.
- Navigate to the Content Compliance section.
- Click Add a rule.
Note: If you have previously created a Content Compliance rule, this option will be called Add Another Rule.
- In the Email messages to affect field, select the Inbound checkbox and the Internal - receiving check box.
- Under the Expressions tab, click the first drop-down menu.
- From the first drop-down menu, select if ANY of the following match the message.
- Click Add.
- Undate the settings in the Add expressions that describe the content you want to search for in each message area. For more information about these settings, see the screenshot and list below:
- From the first drop-down menu, select Advanced content match.
- In Location field, select Full headers.
- In the Match type field, select Contains text.
- In the Content field, enter the header text. The default KnowBe4 header is "X-PHISHTEST".
Note: For enhanced security, we recommend that you change the default header to a custom header or header token. You can change the header settings in your KMSAT Account Settings. For more information, see our How to Edit Your Account Settings article.
- Click SAVE.
- In the If the above expressions match, do the following field, select the Bypass spam filter for this message check box under Spam.
We recommend setting up a test phishing campaign for yourself or a small group of users. This test phishing campaign can help ensure that your whitelisting was successful. The setting may take up to an hour to deploy to all users so wait at least an hour before testing. If you experience whitelisting issues after following the steps above, contact our support team.
Note: If your organization uses Google Workspace, you’ll also need to disable the return-path header in your KMSAT Account Settings before sending phishing tests. For more information, see our How to Change the Return-Path Header in Your Account Settings.
Article is closed for comments.